InfoSec News 2012-01-30
InfoSec News for Monday January 30, 2012.
- 4 Sun journos, 1 cop bailed in police bung probe
Cuffed on suspicion of corruption after tip-off from News Corp: Police officers investigating allegations of illegal payments to cops as part of a larger probe of News International arrested four journalists on Saturday. All four were either current or former hacks at Rupert Murdoch’s tabloid The Sun. Police also arrested a Metropolitan police service officer at the weekend.
- Microsoft’s Kelihos kingpin suspect: It wasn’t me
Sabelnikov denies botnet herder allegation: The Russian man named by Microsoft as the mastermind behind the Kelihos botnet has stepped forward to plead his innocence.
- Google spews out ‘privacy’ email to Sky punters too
- Quantum Trojans undermine security theory
Can dodgy vendors compromise uncrackable security?: A group of English and Canadian researchers has cast doubt on the nascent push to develop device-independent quantum cryptography standards, asserting that such schemes could be undermined by malicious vendors.
- Students busted for hacking computers, changing grades
‘Very bright kids’ too bright for their own good: Three high school juniors have been arrested after they devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates.
- Adscend denies Facebook, AG allegations
Adscend Media, the defendant in lawsuits filed this week by Facebook and the Washington attorney general, on Friday denied the allegations in the complaints and shifted blame to its affiliates.
- Hawaii legislators bid aloha to controversial data retention bill
Lawmakers in Hawaii quietly dropped a bill that would have required Internet service providers to collect the browsing histories of Internet users in the state and store the data for at least two years.
- Google, Microsoft and Facebook battle phishing with new specification
- Bogus “browser update” pages deliver malware
- Symantec claims largest ever Android malware find
- Lookout claims Symantec crying wolf over Android malware
- City staff to review private messages
- Twitter buys anti-malware firm
- “Curious” nurse snooped in 108 patients’ files
- A hacker aqcuired a “a small portion of payment firm’s European EFT business according to SEC filing
- Laptops stolen in office burglary contained some clinical and demographic information as well as some Social Security numbers
- Personal info on former and current customers exposed on the Internet in a spreadsheet that contained Social Security numbers
- Over 400 clients’ records (but no financial info) on laptop stolen from office
- Hawaiian University settles data breach lawsuit
- 2,131 names, usernames, postal and e-mail addresses, phone numbers, and encrypted passwords dumped on the Internet
- Pro-government hactivists deface Al Jazeera coverage of Syrian violence
- Hitler painting fetches 32,000 euros in Slovak auction
- Android Counterclank Malware Assails Android Market: Symantec
- Boxes full of 2,000 personal medical records including names, addresses, phone numbers and social security numbers in a trash can
- Student used an application on his cell phone to hack into the school’s computer network
- EU 24-Hour Data Breach Notification Rule ‘Unworkable’: ATandT Executive
- Sanctions against Iran may destabilize, topple regime by ratcheting up hassle factor: expert
- Stealing the Titanic: Artifacts auction draws accusations of grave robbery
- Security roundup: The triumph of hactivists, the sorrow of Symantec
- Massive Android malware op may have infected 5 million users
- Lookout Security rebuts rival’s Android malware claims
- Customers names, email addresses, billing and shipping addresses, telephone numbers, credit card information and/or a cryptographically scrambled passwords exposed
- Man stole numerous customer accounts for more than a year
- 650,000 names, email addresses, birth dates and nutritional data due to hacked database
- 2,257 Social Security numbers of living veterans was mistakenly released to Ancestry.com as part of a response to a Freedom of Information Act request
- Hacker able to view every member’s personal data, photos, pseudonyms and passwords
- 7,000 full customer names, complete addresses, dates of birth, Social Security numbers, gender, Medicaid identification numbers, case management information and telephone numbers
- Fraudulent purchases made with information from dozens of locals credit and debit cards
- Data backup file held by vendor was accessed by an intruder included user names, email addresses and passwords
- 391 current and former hospital employees names and Social Security numbers posted on website
- 8,000 Social Security numbers and some credit card numbers of prospective students on a public server
- SEC Goes After Online Trading Firms That Unwittingly Helped Latvian Hacker
- Commerce or chaos
- Anonymous targets Mexican websites
- Twitter Censorship Move Sparks Backlash: Is it Justified?
- FINRA advises brokers to bulk up security
- Univ. of Hawaii settles with 98,000 over five breaches
- The Lede Blog: Twitter’s New Policy on Blocking Posts Is Attacked, and Defended
- White House Presses For New Cybersecurity Laws